CVE-2020-14983

The server in Chocolate Doom 3.0.0 and Crispy Doom 5.8.0 doesn’t validate the user-controlled num_players value, leading to a buffer overflow. A malicious user can overwrite the server’s stack.

Date published : 2020-06-22

https://github.com/chocolate-doom/chocolate-doom/issues/1293

http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00002.html